Going PHP

13 February 2008 - 12:14

Tech-Pro.net is quite an old site. It started off several years ago (using the domain tech-pro.co.uk) as a personal vanity site when I was earning my full time living as a freelance computer journalist. Most of the articles that you find on the site were written at that time, and they are largely responsible for the site being considered relevant today by Google and other search engines for various technical topics.

When I started the site my sum knowledge of web design was to fire up Microsoft FrontPage and create static HTML pages. Nowadays, I know a lot more, and want to use things like PHP in my pages. But my old pages with their .html extensions have lots of incoming links that would be broken if I made them into .php pages. Our search results positions are key to the success of the site and I don't want to throw any spanner in the works that might upset this. So is it possible to use PHP in HTML pages?

Yes, it is. And in fact, it turned out to be easier than I thought. In our case, it was simply a matter of adding one line that said: 

AddHandler application/x-httpd-php .html .shtml

to the .htaccess file in the root of our server's html directory. I included .shtml as well because we already have a few pages that use the server-side include mechanism and I decided that they may as well all change over to the PHP include format instead for consistency. So now, as an immediate benefit of this change, every page can now read the navigation menu and other constant elements from separate files that can be changed in a single edit, whereas in the past I would have to do a block replace and upload new copies of every page whenever I changed something in the menu.

Some of the web pages I found while researching how to do this mentioned adding an AddType line to .htaccess. This was not necessary, at least not in our case, and in fact this line caused the browser to try to download the PHP or HTML file as text instead of displaying it! This brought home the importance of testing the changes thoroughly using different browsers to make sure everything works as expected. The suggestion on one site that you should test the changes locally may not be too helpful, because every web server is configured differently. Certainly Apache under Windows works differently than but does under Linux. In the end, it's how it works on your live server that matters.

This experience also emphasized the importance of keeping important passwords and other security related information used by your PHP scripts (MySQL database access credentials, for example) in separate included PHP files in a directory outside the public HTML directory. A simple server misconfiguration, whether by you or your web hosting service, could allow visitors to download the text of your PHP scripts and obtain your passwords without you realizing it!

Used tags: , , , , , ,

« Mystery malware | Home | In search of the perf… »

no comments

Trackback link:

Please enable javascript to generate a trackback url

Leave a comment
  
Remember personal info?

Emoticons / Textile
  (Register your username / Log in)

Notify:
Hide email:

Small print: All html tags except <b> and <i> will be removed from your comment. You can make links by just typing the url or mail-address.

Archives

September 2008
August 2008
July 2008
June 2008
May 2008
April 2008
March 2008
February 2008
January 2008

Topics

Business
Computers
Internet
News
Other stuff
Soapbox
Software
Tips and tricks
Web development
Windows